Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/wXOSH8PQB9rIsB77H-ctoiZsA_8.roa
File: wXOSH8PQB9rIsB77H-ctoiZsA_8.roa (raw, json)
Hash identifier: zf42ARFus51KtIySnwD7BYRhr1CgN14jTJx0/2S/uco=
Subject key identifier: C1:73:92:1F:C3:D0:07:DA:C8:B0:1E:FB:1F:E7:2D:A2:26:6C:03:FF
Certificate issuer: /CN=52e02224ffb971172e4935ed7dd965d1155089b6
Certificate serial: 01856F30208ED7AB96C9DDDFBD322ACC5ACB
Authority key identifier: 52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/wXOSH8PQB9rIsB77H-ctoiZsA_8.roa
Signing time: Sun 01 Jan 2023 21:15:03 +0000
ROA not before: Sun 01 Jan 2023 21:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5413
IP address blocks: 185.121.16.0/24 maxlen: 24
185.121.16.0/22 maxlen: 22
185.121.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:20:8e:d7:ab:96:c9:dd:df:bd:32:2a:cc:5a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e02224ffb971172e4935ed7dd965d1155089b6
Validity
Not Before: Jan 1 21:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c173921fc3d007dac8b01efb1fe72da2266c03ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:52:aa:d6:87:22:79:03:ad:3d:f8:a2:61:61:
d1:d8:96:88:c3:d0:3d:23:d6:1f:20:fb:ad:1a:d0:
c4:79:02:ba:d5:7a:bb:81:34:a3:5c:cc:19:26:e2:
97:8d:87:13:1a:ff:72:bb:1f:2a:bd:f8:11:e3:7c:
c9:47:85:c5:10:08:96:1d:61:73:7c:35:99:9d:5f:
8e:95:73:90:a5:1a:fb:7c:c1:5d:e6:73:92:31:df:
13:80:b5:7a:bc:14:4a:34:e2:dd:14:1b:1f:e1:df:
32:b1:fa:6a:c2:a1:0f:bd:cf:19:a4:90:37:be:23:
57:d5:fb:63:26:3c:43:51:16:34:de:d7:94:0e:ba:
3d:9d:ce:de:db:64:5a:ff:5d:74:60:a5:e9:b2:7d:
52:8f:3e:6d:3a:55:36:90:34:e0:8f:c9:02:5a:7d:
45:84:e4:38:43:ef:19:68:3d:39:73:b1:ef:20:1b:
41:00:04:b2:a9:a4:5a:be:cc:82:8b:82:91:15:18:
2a:b8:05:ac:5a:b5:20:05:83:81:1b:58:dd:d4:c7:
49:36:39:6f:54:53:cb:a4:39:70:ed:dc:17:ff:bf:
bf:cf:1e:60:de:87:af:fe:43:39:47:c4:cd:b4:39:
a4:fa:a9:f5:62:3f:a7:cc:fc:8c:e8:9a:2e:66:5d:
ff:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:73:92:1F:C3:D0:07:DA:C8:B0:1E:FB:1F:E7:2D:A2:26:6C:03:FF
X509v3 Authority Key Identifier:
keyid:52:E0:22:24:FF:B9:71:17:2E:49:35:ED:7D:D9:65:D1:15:50:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuAiJP-5cRcuSTXtfdll0RVQibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/wXOSH8PQB9rIsB77H-ctoiZsA_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/311bc5-3f36-4d5e-abde-b8da89406bed/1/UuAiJP-5cRcuSTXtfdll0RVQibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:35:59:b3:20:cc:45:ae:c8:14:16:34:0b:27:49:ac:8c:4a:
84:51:72:3d:2e:4b:cf:15:9f:4a:26:16:4f:64:fd:6f:fc:d8:
ba:5a:ed:29:23:da:28:07:9a:a3:c0:77:d7:cd:03:e9:2e:52:
b8:5a:46:e1:82:12:f9:53:0f:78:61:da:5f:9d:64:46:ca:ed:
f3:04:06:3a:bc:4d:34:73:ec:9f:b6:1b:cc:b9:6f:2b:2b:f2:
c4:bc:52:07:f5:f6:32:f7:87:75:a7:38:13:cc:89:0f:6b:5f:
a4:2e:86:5a:3e:1c:9d:86:0c:a3:b1:a9:d9:c3:aa:88:fa:20:
08:71:19:08:6c:9b:b9:2d:2f:f4:4b:cc:ee:b1:5b:e7:57:ea:
6c:84:9b:f0:06:82:ba:ef:d5:e9:68:16:83:15:d5:62:40:9d:
f7:2d:65:1b:46:dc:f5:55:2a:eb:62:ef:44:26:11:39:1b:6e:
7e:24:0a:e9:f8:c3:3f:8a:0f:24:58:35:48:77:3c:9c:81:72:
f1:0f:d9:24:8b:19:6d:2c:5a:1f:40:35:6a:a6:3b:04:93:b0:
5e:42:82:1c:a9:dd:f5:16:98:bf:80:e4:c1:85:65:0b:a8:63:
65:7d:86:40:5f:a9:6f:ab:aa:62:a5:f6:9a:31:66:ee:b1:68:
7f:69:f8:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMCCO16uWyd3fvTIqzFrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTAyMjI0ZmZiOTcxMTcyZTQ5MzVlZDdkZDk2NWQxMTU1
MDg5YjYwHhcNMjMwMTAxMjExNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTczOTIxZmMzZDAwN2RhYzhiMDFlZmIxZmU3MmRhMjI2NmMwM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilKq1ocieQOtPfiiYWHR2JaIw9A9
I9YfIPutGtDEeQK61Xq7gTSjXMwZJuKXjYcTGv9yux8qvfgR43zJR4XFEAiWHWFz
fDWZnV+OlXOQpRr7fMFd5nOSMd8TgLV6vBRKNOLdFBsf4d8ysfpqwqEPvc8ZpJA3
viNX1ftjJjxDURY03teUDro9nc7e22Ra/110YKXpsn1Sjz5tOlU2kDTgj8kCWn1F
hOQ4Q+8ZaD05c7HvIBtBAASyqaRavsyCi4KRFRgquAWsWrUgBYOBG1jd1MdJNjlv
VFPLpDlw7dwX/7+/zx5g3oev/kM5R8TNtDmk+qn1Yj+nzPyM6JouZl3/2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFzkh/D0AfayLAe+x/nLaImbAP/MB8GA1UdIwQY
MBaAFFLgIiT/uXEXLkk17X3ZZdEVUIm2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUt
YjhkYTg5NDA2YmVkLzEvd1hPU0g4UFFCOXJJc0I3N0gtY3RvaVpzQV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zMTFiYzUtM2YzNi00ZDVlLWFiZGUtYjhkYTg5NDA2YmVk
LzEvVXVBaUpQLTVjUmN1U1RYdGZkbGwwUlZRaWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXkQMA0G
CSqGSIb3DQEBCwUAA4IBAQAqNVmzIMxFrsgUFjQLJ0msjEqEUXI9LkvPFZ9KJhZP
ZP1v/Ni6Wu0pI9ooB5qjwHfXzQPpLlK4WkbhghL5Uw94YdpfnWRGyu3zBAY6vE00
c+yfthvMuW8rK/LEvFIH9fYy94d1pzgTzIkPa1+kLoZaPhydhgyjsanZw6qI+iAI
cRkIbJu5LS/0S8zusVvnV+pshJvwBoK679XpaBaDFdViQJ33LWUbRtz1VSrrYu9E
JhE5G25+JArp+MM/ig8kWDVIdzycgXLxD9kkixltLFofQDVqpjsEk7BeQoIcqd31
Fpi/gOTBhWULqGNlfYZAX6lvq6pipfaaMWbusWh/afhm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:54 2024 by rpki-client on console-fra.rpki-client.org